exozyme/zine
4
1
Fork 0
Code Issues Pull requests 1 Actions Packages Projects Releases Wiki Activity

Write commentary for POSIX user management posts
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/pr/woodpecker Pipeline was successful
Details

Browse source
This commit is contained in:
Anthony Wang 2024-06-02 11:35:37 -05:00
parent ad3a73c74d
commit 02540842cd
Signed by: a
SSH key fingerprint: SHA256:B5ADfMCqd2M7d/jtXDoihAV/yfXOAbWWri9+GdCN4hQ
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/content/posts/2024/june-2024.md
View file

@ -12,10 +12,9 @@ https://a.exozy.me/posts/guest-post-short-story-5/ (fun but not tech-related? ca
https://a.exozy.me/posts/bad-apple-animated-qr-code/
Related:
https://a.exozy.me/posts/pam-auth-without-access-etc-shadow/
https://www.1a-insec.net/frag/37-posix-login/
## The intricacies of POSIX user management
The exozyme server recently switched from LDAP to PAM for user management, so both @a and @iacore wrote articles about some of the subtleties of the standard user management systems on Linux and other Unix-like OSes. On Linux, PAM authentication by default requires being root or having access to the password hashes in `/etc/passwd`, but @a found that [it's possible to use a tool called SSSD](https://a.exozy.me/posts/pam-auth-without-access-etc-shadow/) to get around that for better security. [@iacore's article](https://www.1a-insec.net/frag/37-posix-login/), among other things, discusses how it's legal for a UID to have more than one username and its the cursed consequences.
https://www.1a-insec.net/blog/52-static-site-hosting-providers/